CVE-2013-5135

Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html	Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Oct/msg00007.html	Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Oct/msg00008.html	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:apple_remote_desktop::::::::
	cpe:2.3:a:apple:apple_remote_desktop:3.0.0:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.1:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.2:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.2.1:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.2.2:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.3:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.3.1:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.3.2:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.4:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.5:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.5.1:::::::*
	cpe:2.3:a:apple:apple_remote_desktop:3.5.2:::::::*

Configuration 2 (hide)

OR	cpe:2.3:o:apple:mac_os_x::supplemental_update::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.0:::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.1:::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.2:::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.3:::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.4:::::::*
	cpe:2.3:o:apple:mac_os_x:10.8.5:::::::*

History

No history.

Information

Published : 2013-10-24 03:48

Updated : 2023-12-10 11:16

NVD link : CVE-2013-5135

Mitre link : CVE-2013-5135

CVE.ORG link : CVE-2013-5135

JSON object : View

Products Affected

apple

mac_os_x
apple_remote_desktop

CWE

CWE-134

Use of Externally-Controlled Format String

{"id": "CVE-2013-5135", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-10-24T03:48:48.877", "references": [{"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00007.html", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00008.html", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-134"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in Screen Sharing Server in Apple Mac OS X before 10.9 and Apple Remote Desktop before 3.5.4 allows remote attackers to execute arbitrary code via format string specifiers in a VNC username."}, {"lang": "es", "value": "Vulnerabilidad de format string en Screen Sharing Server de Apple Mac OS X anterior a 10.9 y Apple Remote Desktop anterior a 3.5.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s especificadores de formato de cadena en el nombre de usuario VNC."}], "lastModified": "2018-10-30T16:26:14.403", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apple:apple_remote_desktop:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA6068E6-47A3-44C0-AAE7-25952E9B18CD", "versionEndIncluding": "3.5.3"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E315CDB-EABA-4632-A4E2-F207695D9139"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB6214BD-6D4B-4F32-B35A-D638723C240A"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3EF0960-C1A7-4770-80AD-4324925F8966"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69A47AAB-EC72-474E-A184-1E487D10B747"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5509B564-A235-44B9-B0AB-A72AFF5D2837"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52113D2A-3C14-4299-B4E9-0731630FC5D3"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "043E86FA-CFD5-4845-BF5E-F42B81EE9C64"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BA5FDCD-BF01-4BF3-8F4C-4E9829C2BD6D"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "72309021-65E6-43C0-993D-81F6FA0D16C0"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00BA9937-8F14-4AED-B9DA-ABFA6837CCD5"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B3B607B-3B0B-44CA-809E-CBC4A656D4D9"}, {"criteria": "cpe:2.3:a:apple:apple_remote_desktop:3.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16C73945-1E37-4CFD-BA7D-0F43D339BC0A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:supplemental_update:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA9ABDE2-A7F3-4D0B-9BBB-57F27AE14B1D", "versionEndIncluding": "10.8.5"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2082D62-3821-4DBA-8690-67489F44C38D"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F0DB1BC-DC16-423E-B0C7-8E9C996A50B5"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E59315BA-B9F1-46A5-86E7-8BE2ED97BA4F"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55841123-F78F-42E0-8D40-C688C4B4D29C"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "252640D3-5CB8-4C3D-9E8B-ED452293C805"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3D30B4B-DA63-40B0-B0C9-F3992CF25706"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}